Just Another Usual Flake Update Right?
Last night, I decided to do a flake update. The updating process showed that it needed to download almost 8GB of data. I was thinking, “What the hell? Even a fresh install only downloaded about 6GB of data. Why would a daily update require more?” Since NixOS can safely roll back to a previous system version, I didn’t stop the update; I wanted to see what was going on.
Endless building
After finishing the download, my computer started to build a package called onnxruntime-1.22.0. I had never seen this package before—maybe it was a new dependency—but it took more than an hour to build. My computer even crashed twice because my root was running in tmpfs.
Right after building onnxruntime-1.22.0, I thought I could finally finish the update, but then a new line showed up in the console: [2/4/20 built] building firefox-unwrapped-142.0. This was ridiculous—why would NixOS try to locally build Firefox? The build phase crashed my computer multiple times. I tried to set my tmpfs root to 24 GB, and even used nixos-rebuild switch --max-jobs 1 --cores 0, but it still couldn’t build Firefox.
Binary Cache
A binary cache saves time and resources by providing ready-to-use packages, eliminating the need to rebuild everything from source. Usually, most packages are fetched from the official binary cache, especially for large packages such as browsers. So why did my computer build Firefox locally instead of fetching it from the cache?
According to this issue, this happened because Firefox 142.0 allowed extensions to use AI LLMs. Since the merge of PR #436667, Mozilla stuff depends on onnxruntime which itself when nixpkgs.config.cudaSupport = true; depend on cudnn which is a CUDA package with an unfree license and makes it not built by official nixpkgs hydra.
Now I know what the problem is, but how do I solve it? I don’t want my flake to get stuck on this version forever.
Solution
According to this PR, firefox-unwrapped-142 has been added to the nix-community cache. After checking my Nix config:
nix config show | grep substituterssubstituters = https://hyprland.cachix.org https://cuda-maintainers.cachix.org https://cache.nixos.org/trusted-substituters =I realized that I hadn’t added the nix-community cache to the sources. The following configuration adds it:
nix.settings = { substituters = [ "https://nix-community.cachix.org" ]; trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ];};Then I dropped the flake and executed nixos-rebuild switch to apply the new Nix config. Here is the output after adding the nix-community cache:
nix config show | grep substituterssubstituters = https://nix-community.cachix.org https://hyprland.cachix.org https://cuda-maintainers.cachix.org https://cache.nixos.org/trusted-substituters =After updating the flake and rebuilding again, firefox-unwrapped-142 was successfully fetched from the community cache. I finally managed to upgrade my system :)
Reference: